Managing identities. TICAL 2012, Lima, Peru Roland Hedberg tisdag 3 juli 12
|
|
- Gavin Sparks
- 8 years ago
- Views:
Transcription
1 Managing identities TICAL 2012, Lima, Peru Roland Hedberg
2 Who am I? Got into networking in 1987 Managed computer networks and network applications Worked with standardisation of directory technologies Software developer/senior researcher
3 Umeå, Sweden Latitude: 63 50' North Longitude: 20 15' East
4 Topics Why How Future
5 What s an identity?
6 What s an identity? The collective aspect of the set of characteristics by which a thing is definitively recognizable or known.
7 What s an identity? The collective aspect of the set of characteristics by which a thing is definitively recognizable or known.
8 What s an identity? The collective aspect of the set of characteristics by which a thing is definitively recognizable or known. A set of attributes and values
9 Why?
10 Historic progression late 80 A set of completely autonomous systems
11 1st transition LDAP mid 90 Some know how to use LDAP LDAP is populated manually
12 2nd transition 2007 Single-Sign-On ubiquitous in-house Extra info from LDAP SSO Metadirectory
13 3rd transition today Identity federations SAML Eduroam
14 IdPs over the world as seen from Norway
15 Driving forces 1st & 2nd transition Centralized cheaper than decentralized 3rd transition User convinience and economy of scale
16 Eduroam
17 Eduroam status 43 member NROs > 5300 service locations (Au, Nz) 250 M successful authn (~6% international) may april 2012 eduroam is ranked as 27th most widely used SSID (5th most frequent operator SSID)
18 Why! Enables trustworthy exchange of information between federations Reduces the costs of developing and operating services Improves the security and end-user experience of services Enables service providers to greatly expand their user base Enables identity providers to increase the number of services available to their users
19 How
20 SWAMID offers quality assured and secure identification of employees, students, alumni and other associated in higher education in Sweden, in the Nordic countries, in the rest of Europe and also in North America and Asia. The edugain service is intended to enable the trustworthy exchange of information related to identity, authentication and authorisation between the GÉANT (GN3) Partners' federations. InCommon provides a secure and privacy-preserving trust fabric for research and higher education institutions, and their partners, in the United States.
21 SWAMID offers quality assured and secure identification of employees, students, alumni and other associated in quality higher education assured in Sweden, in the Nordic countries, in the rest of Europe and also in North America and Asia. The edugain service is intended to enable the trustworthy trustworthy exchange of information exchange related to identity, authentication and authorisation between the GÉANT (GN3) Partners' federations. InCommon provides a secure and privacy-preserving trust fabric trust fabric for research and higher education institutions, and their partners, in the United States.
22 TRUST
23 Federation policies SWAMID Federation Policy v2.0 SWAMID Basic Identity Assurance Profile v1.0 SWAMID eduroam Technology Profile v1.0 SWAMID SAML WebSSO Technology Profile v1.0
24 Explicit trust Kantara Identity Assurance Framework (IAF) Common Organizational Service Assessment Criteria Operational Service Assessment Criteria
25 Trust in Security environment IdM checklist
26 Some outstanding issues
27 Problem of scale A few services has many users Many services has few users
28 Which identity provider to use? OpenID NASCAR problem Where Are You From (WAYF)
29 Attribute releases Specific for every Identity - Service provider pair Solution Service categories
30 Service examples
31 SWAMID coverage All universities with more than 1000 FTE students are part of SWAMID ~ 97 % of all students and employees
32 Studera.nu
33 NyA-webben Student administration Student admission system Base user urn:mace:swami.se:gmai:nya-dw:base:o=yy Department user urn:mace:swami.se:gmai:nya-dw: department:o=yy:noreduorgunituniquenumber=zzzz
34 Adobe Connect
35 BOX.COM Business agreement between SUNET and BOX.COM
36 Hospital contact
37 Foodl
38 Future
39 Non-web Project Moonshot is a JANET(UK)-led initiative, in partnership with the GEANT project and others, to develop a single unifying technology for extending the benefits of federated identity to a broad range of non-web services, including Cloud infrastructures, High Performance Computing & Grid infrastructures and other commonly deployed services including mail, file store, remote access and instant messaging.
40 The great divide Higher Education and public services SAML2 Social services OpenId/OAuth2/OpenId Connect
41 Conclusion Get your identity management in order Document and secure your IdM process Join the Identity federations
Federations 101. An Introduction to Federated Identity Management. Peter Gietz, Martin Haase
Authentication and Authorisation for Research and Collaboration Federations 101 An Introduction to Federated Identity Management Peter Gietz, Martin Haase AARC NA2 Task 2 - Outreach and Dissemination DAASI
More informationProvisioning and Deprovisioning 1 Provisioning/De-provisiong replacement 1
Item Count Provisioning/Deprovisioning Automated Deprovisioning 1 Automated on/off boarding from an authoritative source AUTOMATED [DE-]PROVISIONING 1 Removal of resources at the appropriate time 1 Timeliness
More informationIdentity Management: Background, Principles, GENI
Identity Management: Background, Principles, GENI Topics Internet identity What s been happening Gaps Identity Management Includes identity and access control via groups and roles Adapting apps to use
More informationLicia Florio Project Development Officer licia@terena.org www.terena.org Identity Federations in Europe
APAN Conference Honolulu, Hawaii 24 January 2008 Licia Florio Project Development Officer licia@terena.org www.terena.org Identity Federations in Europe Outline Networking Organisations in Europe Requirements
More informationEnabling SAML for Dynamic Identity Federation Management
Enabling SAML for Dynamic Identity Federation Management Patricia Arias, Florina Almenárez, Andrés Marín and Daniel Díaz-Sánchez University Carlos III of Madrid http://pervasive.gast.it.uc3m.es/ WMNC 2009
More informationEnabling a federated environment to support biomedical research. Gianmauro Cuccuru CRS4
Enabling a federated environment to support biomedical research Gianmauro Cuccuru CRS4 ELIXIR connects national bioinformatics centres and EMBL- EBI into a sustainable European infrastructure for biological
More informationIssues in federated identity management
Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh 1 Contents Federated identity management overview Open issues for federations 2 Introduction Federated identity
More informationHow Single-Sign-On Improves The Usability Of Protected Services For Geospatial Data
2014 Fifth International Conference on Computing for Geospatial Research and Application How Single-Sign-On Improves The Usability Of Protected Services For Geospatial Data Andreas Matheus University of
More informationTRUST AND IDENTITY EXCHANGE TALK
TRUST AND IDENTITY EXCHANGE TALK Ken Klingenstein, Internet2 2015 Internet2 Trust and Identity Why It Matters An Identity Layer for the Internet Benefits for the Rest of the Stack What It Is Technologies
More informationRedIRIS Identity Service
RedIRIS Identity Service latest news and developments Jaime Pérez Middleware Engineer FAM11 London, November 09 th 2011 Intro & numbers The research & education federation in Spain Hub & Spoke Supports
More informationIdentity Management Systems for Collaborations and Virtual Organizations
Identity Management Systems for Collaborations and Virtual Organizations Topics Update on Internet identity IdM Systems for Virtual Organizations Goals Early Implementations Issues and Discussions Update
More informationРазработка программного обеспечения промежуточного слоя. TERENA BASNET Workshop, 16-17 November 2009 Joost van Dijk - SURFnet
Разработка программного обеспечения промежуточного слоя TERENA BASNET Workshop, 16-17 November 2009 Joost van Dijk - SURFnet Contents - SURFnet Middleware Services department: - eduroam, SURFfederatie,
More informationDAMe Deploying Authorization Mechanisms for Federated Services in the eduroam Architecture
DAMe Deploying Authorization Mechanisms for Federated Services in the eduroam Architecture Sascha Neinert Marseille, 06.02.2008, Sascha Neinert, 06.02.2008 Seite 1 Overview Project Goals Partners Network
More informationFederated Identity- and Access Management for the Max-Planck Society
Federated Identity- and Access Management for the Max-Planck Society Organisational Aspects & Funding Prof. Dr. Ramin Yahyapour Christof Pohl, Andreas Ißleiber GWDG Gesellschaft für wissenschaftliche Datenverarbeitung
More informationEnterprise & Vertical Reporting. Challenges and Solutions
Enterprise & Vertical Reporting Challenges and Solutions The Challenge: How do you design a real time data collection system that is scalable for states and districts that is easy to use and extendible
More informationCloud federation. Prelude to Hybrid Clouds. CHEP 2015 Okinawa, Japan. Marek Denis CERN Geneva, Switzerland
Cloud federation CHEP 2015 Okinawa, Japan Prelude to Hybrid Clouds Marek Denis CERN Geneva, Switzerland Basic definitions OpenStack: An Open Source Cloud Managing System which allows implementors to: --
More informationCollaboration in the Cloud. Niels van Dijk, SURFnet, niels.vandijk@surfnet.nl CAMP, Nov 15 2013, San Francisco
Collaboration in the Cloud Niels van Dijk, SURFnet, niels.vandijk@surfnet.nl CAMP, Nov 15 2013, San Francisco R&E SURF in and The SURFnet Netherlands: SURF and SURFnet National Research & Education Network
More informationIdentity Management. Manager, Identity Management. Academic Technology Services. Michigan State University Board of Trustees
Identity Management and Shibboleth h at MSU Jim Green Manager, Identity Management Michigan State t University it Academic Technology Services Identity Management Definition: Identity management is the
More informationDevelopment and deployment of integrated attribute based access control for collaboration
Development and deployment of integrated attribute based access control for collaboration Collaborations and Virtual Organizations IdM is a critical dimension of collaboration, crossing many applications
More informationIAMUCLA 2.0 SSO Updates
IAMUCLA 2.0 SSO Updates Common Systems Group Meeting July 27, 2015 IAMUCLA 2.0 Projects Password Security Concerns Technology Evolution Health Systems SSO Support Departmental/Service Accounts Testing
More informationDeliverable D9.2 Market Analysis for Virtual Organisation Platform as a Service (VOPaaS)
19-11-2015 Contractual Date: 30-09-2015 Actual Date: 19-11-2015 Grant Agreement No.: 691567 Activity: SA5 Task Item: 4 Nature of Deliverable: R (Report) Dissemination Level: PU (Public) Lead Partner: AMRES
More informationA Shibboleth View of Federated Identity. Steven Carmody Brown Univ./Internet2 March 6, 2007 Giornata AA - GARR
A Shibboleth View of Federated Identity Steven Carmody Brown Univ./Internet2 March 6, 2007 Giornata AA - GARR Short Section Title Agenda Assumptions and Trends Identity Management and Shibboleth Shibboleth
More informationTitle: A Client Middleware for Token-Based Unified Single Sign On to edugain
Title: A Client Middleware for Token-Based Unified Single Sign On to edugain Sascha Neinert Computing Centre University of Stuttgart, Allmandring 30a, 70550 Stuttgart, Germany e-mail: sascha.neinert@rus.uni-stuttgart.de
More informationSD Departmental Meeting November 28 th, 2006. Ale de Vries Product Manager ScienceDirect Elsevier
ש בולת SD Departmental Meeting November 28 th, 2006 Ale de Vries Product Manager ScienceDirect Elsevier Shi... whát? : Shibboleth ש בולת [...] "stream, torrent". It derives from a story in the Hebrew Bible,
More informationFederated Identity Management Checklist
Federated Identity Management Checklist This document lists the minimum (marked with an *) and recommended policy, process, and technical steps required to implement Federated Identity Management and operate
More informationGARR Cloud Services. GARR strategy towards the provisioning of Cloud Services. Mario.Reale@garr.it. On behalf of the GARR Cloud Team
Cloud Services strategy towards the provisioning of Cloud Services Mario.Reale@garr.it On behalf of the Cloud Team Fabio Farina, Mario Reale, Cristiano Valli, Fulvio Galeazzi, Simon Vocella, Andrea Biancini,
More informationAuthentication Integration
Authentication Integration VoiceThread provides multiple authentication frameworks allowing your organization to choose the optimal method to implement. This document details the various available authentication
More informationSecure Your Enterprise with Usher Mobile Identity
Secure Your Enterprise with Usher Mobile Identity Yong Qiao, Vice President of Software Engineering & Chief Security Architect, MicroStrategy Agenda Introduction to Usher Unlock the enterprise Dematerialize
More informationA Federated Authorization and Authentication Infrastructure for Unified Single Sign On
A Federated Authorization and Authentication Infrastructure for Unified Single Sign On Sascha Neinert Computing Centre University of Stuttgart Allmandring 30a 70550 Stuttgart sascha.neinert@rus.uni-stuttgart.de
More informationMasdar Institute Single Sign-On: Standards-based Identity Federation. John Mikhael ICT Department jmikhael@masdar.ac.ae
Masdar Institute Single Sign-On: Standards-based Identity Federation John Mikhael ICT Department jmikhael@masdar.ac.ae Agenda The case for Single Sign-On (SSO) Types of SSO Standards-based Identity Federation
More informationPing Identity, Euro Cloud award entry
Ping Identity, Euro Cloud award entry Category: Best Cloud Offering Product: PingFederate 6.6 About Ping Identity Ping Identity is the cloud identity security leader, specialising in cloud identity, security,
More informationShibboleth User Verification Customer Implementation Guide 2015-03-13 Version 3.5
Shibboleth User Verification Customer Implementation Guide 2015-03-13 Version 3.5 TABLE OF CONTENTS Introduction... 1 Purpose and Target Audience... 1 Commonly Used Terms... 1 Overview of Shibboleth User
More informationSecure WiFi Access in Schools and Educational Institutions. WPA2 / 802.1X and Captive Portal based Access Security
Secure WiFi Access in Schools and Educational Institutions WPA2 / 802.1X and Captive Portal based Access Security Cloudessa, Inc. Palo Alto, CA July 2013 Overview The accelerated use of technology in the
More informationFederated Authentication and Credential Translation in the EUDAT Collaborative Data Infrastructure
Federated Authentication and Credential Translation in the EUDAT Collaborative Data Infrastructure Ahmed Shiraz Memon (JSC - DE) Jens Jensen (STFC escience - UK) Ales Cernivec (XLAB - SL) Krzysztof Benedyczak
More informationOvercoming Barriers to Federation and Making IdPs Easier
Overcoming Barriers to Federation and Making IdPs Easier Paul Caskey, Internet2 Janemarie Duh, Lafayette College Chris Phillips, CANARIE David Walker, Internet2 Overview Barriers to Deploying an IdP and
More informationIdentity Management in Liferay Overview and Best Practices. Liferay Portal 6.0 EE
Identity Management in Liferay Overview and Best Practices Liferay Portal 6.0 EE Table of Contents Introduction... 1 IDENTITY MANAGEMENT HYGIENE... 1 Where Liferay Fits In... 2 How Liferay Authentication
More informationFederated Identity: Leveraging Shibboleth to Access On and Off Campus Resources
Federated Identity: Leveraging Shibboleth to Access On and Off Campus Resources Paul Riddle University of Maryland Baltimore County EDUCAUSE Mid-Atlantic Regional Conference January 16, 2008 Copyright
More informationVOPaaS Virtual Organisation Platform as a Service
VOPaaS Virtual Organisation Platform as a Service Marina Adomeit Task Leader, AMRES, Serbia Niels Van Dijk Technical Lead, SURFnet, The Netherlands FIM4R meeting Nov 30, 2015, Austria About VOPaaS in GÉANT
More informationIdentity and Access Management for LIGO: International Challenges
Identity and Access Management for LIGO: International Challenges Scott Koranda for LIGO and CTSC University of Wisconsin-Milwaukee November 14, 2012 LIGO-XXXXXXXX-v1 1 / 26 LIGO Science Mission LIGO,
More informationIdentity Federation For Authenticating and Authorizing Researchers
Identity Federation For Authenticating and Authorizing Researchers Cletus Okolie NOC Manager Eko-Konnect Research and Education Initiative Outline What are IdFs? IdF components Software Packages for IdF
More informationFederated Wikis Andreas Åkre Solberg andreas@uninett.no
Federated Wikis Andreas Åkre Solberg andreas@uninett.no Wikis in the beginning...in the beginning wikis were wide open. Great! - But then the spammers arrived. Password protected wikis Create yet another
More informationEgnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS)
w w w. e g n y t e. c o m Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS) To set up ADFS so that your employees can access Egnyte using their ADFS credentials,
More informationIntroduction to Identity and Access Management for the engineers. Radovan Semančík April 2014
Introduction to Identity and Access Management for the engineers Radovan Semančík April 2014 How it works now? Manager Admin Login Users Login Admin Login Login Login Theory Manager Admin Forgot password
More informationHOL9449 Access Management: Secure web, mobile and cloud access
HOL9449 Access Management: Secure web, mobile and cloud access Kanishk Mahajan Principal Product Manager, Oracle September, 2014 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle
More informationExperiences in Supporting Service Providers and User Communities. Lukas Hämmerle, GÉANT/SWITCH AAI@eduHR Conference 26 November 2014
Experiences in Supporting Service Providers and User Communities Lukas Hämmerle, GÉANT/SWITCH AAI@eduHR Conference 26 November 2014 Who am I! Work almost 10 years for SWITCH (Swiss NREN)! Mostly involved
More informationINF3510 Information Security University of Oslo Spring 2012. Lecture 8 Identity and Access Management. Audun Jøsang
INF3510 Information Security University of Oslo Spring 2012 Lecture 8 Identity and Access Management Audun Jøsang Outline Identity and access management concepts Identity management models Access control
More informationModern Approach for User and Service Management. Michal Procházka CESNET Czech Republic
Modern Approach for User and Service Management Michal Procházka CESNET Czech Republic Motivation Users want to access valuable services Ideally using one digital identity vs. Service providers need to
More informationThe Top 5 Federated Single Sign-On Scenarios
The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3
More informationAdding Federated Identity Management to Openstack
Adding Federated Identity Management to Openstack David Chadwick d.w.chadwick@kent.ac.uk 5 April 2014 Cloud Computing Security and Identity Workshop, NMOC 1 OpenStack Large open source project to develop
More informationEXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES
pingidentity.com EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES Best practices for identity federation in AWS Table of Contents Executive Overview 3 Introduction: Identity and Access Management in Amazon
More informationIdentity and Access Management for Federated Resource Sharing: Shibboleth Stories
Identity and Access Management for Federated Resource Sharing: Shibboleth Stories http://arch.doit.wisc.edu/keith/apan/ apanshib-060122-01.ppt Keith Hazelton (hazelton@doit.wisc.edu) Sr. IT Architect,
More informationIDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach
IDENTITY MANAGEMENT AND WEB SECURITY A Customer s Pragmatic Approach AGENDA What is Identity Management (IDM) or Identity and Access Management (IAM)? Benefits of IDM IDM Best Practices Challenges to Implement
More informationEXECUTIVE VIEW. EmpowerID 2013. KuppingerCole Report. By Peter Cummings October 2013. By Peter Cummings pc@kuppingercole.
KuppingerCole Report EXECUTIVE VIEW By Peter Cummings October 2013 EmpowerID 2013 By Peter Cummings pc@kuppingercole.com October 2013 Content 1 Vendor Profile... 3 2 Product Description... 4 2.1 Single
More informationUNI. UNIfied identity management. Krzysztof Benedyczak ICM, Warsaw University
UNI TY UNIfied identity management Krzysztof Benedyczak ICM, Warsaw University Outline The idea Local database Groups, Entities, Identities and Attributes UNITY Authorization Local authentication Credentials
More informationStandards for Identity & Authentication. Catherine J. Tilton 17 September 2014
Standards for Identity & Authentication Catherine J. Tilton 17 September 2014 Purpose of these standards Wide deployment of authentication technologies that may be used in a global context is heavily dependent
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: McGill University Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationFrom centralized to single sign on
The LemonLDAP::NG project Abstract LemonLDAP::NG is a modular WebSSO (Web Single Sign On) software based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the
More informationSingle Sign On. SSO & ID Management for Web and Mobile Applications
Single Sign On and ID Management Single Sign On SSO & ID Management for Web and Mobile Applications Presenter: Manish Harsh Program Manager for Developer Marketing Platforms of NVIDIA (Visual Computing
More informationIdentity Governance Evolution
Identity Governance Evolution Paola Marino Principal Sales Consultant Agenda Oracle Identity Governance Innovation Cloud Scenarios enabled by Oracle Identity Platform Agenda Oracle
More informationJoint Research Activity 5 Task Force Mobility
Joint Research Activity 5 Task Force Mobility Network authentication with Network Roaming with eduroam Stefan Winter TREFpunkt 13, Örebro, Sweden 12 Oct 2005 1 Overview Differences
More informationAn introduction of several development activities related to Shibboleth and Web browser-based simple PKI
An introduction of several development activities related to Shibboleth and Web browser-based simple PKI Toyokazu Akiyama 1, Motonori Nakamura 2, Takeshi Nishimura 2, Kazutsuna Yamaji 2, Yukiko Kawai 1
More informationeduroam(radius based Federation)
eduroam(radius based Federation) Deokjai Choi (Chonnam National University, Korea) 2015. 8. 18 WHAT IS eduroam? eduroam: EDUcation ROAMing Provides secure internet access for academic roamers. User experience
More informationperfsonar AAI for network-oriented services Cándido Rodríguez candido.rodriguez@rediris.es
perfsonar AAI for network-oriented services Cándido Rodríguez candido.rodriguez@rediris.es 10 th TF-EMC2 Meeting - Marseille, 4 th -5 th February 08 1.16 Agenda 1.Scenario of perfsonar 2. Using edugain
More informationExternal and Federated Identities on the Web
External and Federated Identities on the Web Jan Pazdziora Sr. Principal Software Engineer Identity Management Special Projects, Red Hat 1 st October 2015 Scope and problem statement Applications get deployed
More informationActive Directory Integration WHITEPAPER
Active Directory Integration WHITEPAPER Even as enterprises continue to adopt more cloud applications, Active Directory (AD) and Lightweight Directory Access Protocol (LDAP) still play a critical role
More informationAdding Federated Identity Management to OpenStack
Adding Federated Identity Management to OpenStack David Chadwick University of Kent 3 December 2012 University of Kent 1 Some Definitions What is Identity? A whole set of attributes that in combination
More informationIdentity Management in the Asia Pacific Region: Facilitating Secure and Easy Access to Online Services
CHAIN REDS Final Conference, Brussels, 31 March, 2015 Identity Management in the Asia Pacific Region: Facilitating Secure and Easy Access to Online Services Suhaimi Napis, PhD Universiti Putra Malaysia
More informationIntegrating Multi-Factor Authentication into Your Campus Identity Management System
Integrating Multi-Factor Authentication into Your Campus Identity Management System Mike Grady, Unicon David Walker, Internet2 (both associated with the Internet2 Scalable Privacy Project) Agenda Multi-Context
More informationInCommon Basics and Participating in InCommon
InCommon Basics and Participating in InCommon A Summary of Resources Updated October 25, 2013 Copyright 2011-2013 by Internet2, InCommon and/or the respective authors Table of Contents TABLE OF CONTENTS
More informationMy Private Cloud. Project Objectives
My Private Cloud David W Chadwick University of Kent 1 Dec 2011 IEEE CloudCom 2011 1 Project Objectives Migrate (as much as possible in 6 months of) the trust, security and privacy preserving infrastructure
More informationINCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity
More informationINCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity
More informationGÉANT IaaS suppliers meeting Towards Pan-European Cloud Services. Utrecht October 14 2015
GÉANT IaaS suppliers meeting Towards Pan-European Cloud Services Utrecht October 14 2015 Why and what TODAY More information about IaaS delivery through GÉANT Tender Provider GÉANT interaction Opportunity
More informationAn Infocard-based proposal for unified SSO to eduroam
An Infocard-based proposal for unified SSO to eduroam Enrique de la Hoz, Antonio García, Diego López, Samuel Muñoz University of Alcala (Spain), RedIRIS (Spain) TNC2009, Málaga (Spain), June 9 th 2009
More informationFederated Identity for Cloud Computing and Cross-organization Collaboration
Federated Identity for Cloud Computing and Cross-organization Collaboration Steve Moitozo Strategy and Architecture SIL International 20110616.2 (ICCM) Follow me @SteveMoitozo2 2 Huge Claims You want federated
More informationStandardisation of eduroam Testing, Monitoring, Metrics and Support Tools
STANDARDISATION OF EDUROAM TESTING, MONITORING, METRICS AND SUPPORT TOOLS Page 1/16 20 January 2014 Standardisation of eduroam Testing, Monitoring, Metrics and Support Tools Neil Witheridge neil.witheridge@aarnet.edu.au
More informationmanaging SSO with shared credentials
managing SSO with shared credentials Introduction to Single Sign On (SSO) All organizations, small and big alike, today have a bunch of applications that must be accessed by different employees throughout
More informationIncrease the Security of Your Box Account With Single Sign-On
A Box White Paper Increase the Security of Your Box Account With Single Sign-On Box s high level of security, 24x7 support and 99.9% uptime are critical for us. The biggest benefits are the reliability
More informationHP Software as a Service. Federated SSO Guide
HP Software as a Service Federated SSO Guide Document Release Date: July 2014 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty statements accompanying
More informationOpenID Connect for SURFconext
OpenID Connect for SURFconext Assessment of the OpenID Connect protocol for Federations of Higher Education and Research Project : Samenwerkingsinfrastructuur Projectjaar : 2012 Projectmanager : Bas Zoetekouw
More informationToward campus portal with shibboleth middleware
Toward campus portal with shibboleth middleware Eisuke Ito and Masanori Nakakuni itou@cc.kyushu u.ac.jp, Kyushu University nak@fukuoka u.ac.jp, Fukuoka University Outline 1. Background 2. Shibboleth 3.
More informationIdentity Management for the Cloud
Identity Management for the Cloud New answers to old questions 10. Anwenderkonferenz Softwarequalität, Test und Innovationen 6. und 7. September 2012 Alpen-Adria-Universität Klagenfurt Dr. Horst Walther,
More informationNCSU SSO. Case Study
NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must
More informationFederated Identity Management
Federated Identity Management SWITCHaai Team aai@switch.ch Agenda 2 What is Federated Identity Management? What is a Federation? The SWITCHaai Federation Interfederation Evolution of Identity Management
More informationThe Future of Cloud Identity Security. Michael Schwartz Founder / CEO Gluu
The Future of Cloud Identity Security Michael Schwartz Founder / CEO Gluu Session ID: IAM-207 Session Classification: General Interest Background 2 Finally an Internet Identity Foundation 3 Who is behind
More informationMY1LOGIN SOLUTION BRIEF: PROVISIONING. Automated Provisioning of Users Access to Apps
MY1LOGIN SOLUTION BRIEF: PROVISIONING Automated Provisioning of Users Access to Apps MY1LOGIN SOLUTION BRIEF: PROVISIONING Automated Provisioning of Users Access to Apps The ability to centrally provision
More informationActive Directory Integration 855.426.7227. www.onelogin.com twitter.com/onelogin ONELOGIN WHITEPAPER
Active Directory Integration Even as enterprises continue to adopt more cloud applications, Active Directory (AD) and Lightweight Directory Access Protocol (LDAP) still play a critical role in how information
More informationAlex Wong Senior Manager - Product Management Bruce Ong Director - Product Management
Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management 1 Product Roadmap Disclaimer Any forward-looking indication of plans for products is preliminary and all future release
More informationInCommon Affiliates Webinar Three Case Studies with Unicon September 18, 2013
InCommon Affiliates Webinar Three Case Studies with Unicon September 18, 2013 John O Keefe, VP IT & CIO, Lafayette College Keith Hazelton, Senior IT Architect, University of Wisconsin-Madison Tim Calhoon,
More informationSingle-Sign-On between On-Premises and the Cloud: Leveraging Windows Azure Active Directory to authenticate custom solutions and Apps
Sofia Event Center 14-15 May 2014 Single-Sign-On between On-Premises and the Cloud: Leveraging Windows Azure Active Directory to authenticate custom solutions and Apps Radi Atanassov SharePoint MCM & MVP
More informationEUDAT Federated AAI TF (Authentication Authorization Infrastructure Task Force)
EUDAT Federated AAI TF (Authentication Authorization Infrastructure Task Force) EUDAT WP5 Slides by Jens Jensen+AAITF Presented by Claudio Cacciari (c.cacciari@cineca.it) Date:2012/03/08 Outline Background
More informationINCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES 1. Federation Participant Information 1.1 The InCommon Participant Operational Practices information below is for: InCommon Participant organization
More informationCopyright: WhosOnLocation Limited
How SSO Works in WhosOnLocation About Single Sign-on By default, your administrators and users are authenticated and logged in using WhosOnLocation s user authentication. You can however bypass this and
More informationNORDUnet. AGREEMENT ADDENDUM No. 05 between. NORDUnet Af S Kastruplundgade 22 DK-2770 Kastrup DENMARK. UNINETf Abels gate 5 NO-7030 Trondheim NORWAY
NORDUnet AGREEMENT ADDENDUM No. 05 between NORDUnet Af S Kastruplundgade 22 DK-2770 Kastrup DENMARK And UNINETf Abels gate 5 NO-7030 Trondheim NORWAY regard ing Idp proxy for box NORDUnet I UNINETT Agreement
More informationFederated access to Grid resources http://tinyurl.com/loubf
Federated access to Grid resources http://tinyurl.com/loubf Keith Hazelton (hazelton@wisc.edu) Internet2 Middleware Architecture Comm. for Ed. APAN, Singapore, 19-July-06 Topics http://tinyurl.com/loubf
More informationBOF4803 Open source identity and access management. 1 October 2012 5:30p San Francisco CA
Open source identity and access management 1 October 2012 5:30p San Francisco CA slide 2 Expert Panel Ludovic Poitou, ForgeRock Matt Hardin, Symas Pascal Jakobi, Thales Group Shawn McKinney, JoshuaTree
More informationIntroduction to CERNET+ IPv6 Cloud Services Platform Initiative
CANS2015 Chengdu Introduction to CERNET+ IPv6 Cloud Services Platform Initiative CERNET Corp 1 The Background 目 录 CONTENT 2 Business Model 3 The Goals and Challenges The Background CERNET+ IPv6 Cloud Services
More informationBrian Spector CEO, CertiVox. CloudAuthZ
Brian Spector CEO, CertiVox CloudAuthZ Removes username and password databases Two-Factor Authentication No single point of failure Simplified and improved UX Pricing that scales for the cloud What is
More informationFederation At Fermilab. Al Lilianstrom National Laboratories Information Technology Summit May 2015
Federation At Fermilab Al Lilianstrom National Laboratories Information Technology Summit May 2015 About Fermilab Since 1967, Fermilab has worked to answer fundamental questions and enhance our understanding
More informationTopics. Context. Scalable Privacy. Frontiers. R&E federations globally InCommon
Scalable Privacy Topics Context R&E federations globally InCommon Scalable Privacy MFA Deliverables Citizen-centric attribute deliverables Privacy managers Anonymous credentials In support of trust Periodic
More information